Identifying Risks from Cyber Fraud

By Linda Pierce Advocacy Leader, Gallagher Regional Claims | December 30, 2018

Cyber scammers have no reservations about checking into your hotel.

Imagine this scenario: your accounting department receives an email from a vendor revising the payment instructions for an invoice that is due. The email provides information about where the payment should be wired, and your employee wires the payment on time. Days later, the vendor contacts your accounting department and requests the payment. Upon investigation, you learn that your business has been victimized by a fraudulent scam. Not only was the money sent to the fraudster, your business still owes the true vendor the amount it is due.

Now, picture another scenario: an employee receives an email from senior management requesting that a wire transfer be processed so that a large equipment purchase can be completed. The employee dutifully processes the wire transfer to an account with a foreign bank. Later that day, the employee runs into the manager who initiated the request and mentions the transaction was completed. The manager expresses confusion and realizes that the company has been defrauded.

For many businesses, these scenarios are a reality. The Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center, reported in May 2018 that losses from Business Email Compromise (BEC) in 2017 jumped to over $675 million, an 87 percent increase from 2016's losses of $360 million. These figures do not take into consideration those losses that remain unreported.

A BEC is when the security of an organization's legitimate email account is breached, thereby allowing fraudsters to gain an understanding of financial transactions typically processed by the organization and to identify those employees who are essential to the transactions. Fake email accounts are then created to appear to be legitimate. Typically, fake email addresses will differ in subtle ways from legitimate email addresses and will not be discernable to the recipient. For example, email addresses will be off by one similar looking letter, replace "_" with ".", or have a slight difference that is imperceptible at first glance.

Social engineering fraud is the use of deception to induce individuals into divulging confidential information or engaging in detrimental activity, usually with consequences that harm financial interests, security or privacy concerns. A BEC is one type of social engineering fraud. Social engineering is so effective for fraudsters because it takes advantage of the primary tools of employment – computers and email. Employees' use of electronic data and computer-based communication as a way to perform their jobs, coupled with human beings' propensity to trust, combine to form the perfect platform for fraud.

Choose a Social Network!

The social network you are looking for is not available.

Close

Hotel Newswire Headlines Feed  

Daniel Link
Scott Watson
Bruce Seigel
Dean Minett
Eugenio Pirri
Brandon Billings
Terence Ronson
Dennis Rizzo
Tim Peter
Coming up in April 2019...

Guest Service: A Culture of YES

In a recent global consumers report, 97% of the participants said that customer service is a major factor in their loyalty to a brand, and 76% said they view customer service as the true test of how much a company values them. And since there is no industry more reliant on customer satisfaction than the hotel industry, managers must be unrelenting in their determination to hire, train and empower the very best people, and to create a culture of exceptional customer service within their organization. Of course, this begins with hiring the right people. There are people who are naturally service-oriented; people who are warm, empathetic, enthusiastic, pleasant, thoughtful and optimistic; people who take pride in their ability to solve problems for the hotel guests they are serving. Then, those same employees must be empowered to solve problems using their own judgment, without having to track down a manager to do it. This is how seamless problem solving and conflict resolution are achieved in guest service. This willingness to empower employees is part of creating a Culture of Yes within an organization.  The goal is to create an environment in which everyone is striving to say “Yes”, rather than figuring out ways to say, “No”. It is essential that this attitude be instilled in all frontline, customer-facing, employees. Finally, in order to ensure that the hotel can generate a consistent level of performance across a wide variety of situations, management must also put in place well-defined systems and standards, and then educate their employees about them. Every employee must be aware of and responsible for every standard that applies in their department. The April issue of the Hotel Business Review will document what some leading hotels are doing to cultivate and manage guest satisfaction in their operations.